[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Bruce Schneier's Guardian Article about N_S_A and Tor.

On 6/28/2014 6:36 PM, Seth David Schoen wrote:
williamwinkle@xxxxxxxxxxxxxxx writes:

I don't understand what Schneier means by this:

"After identifying an individual Tor user on the internet, the NSA
uses its network of secret internet servers to redirect those users
to another set of secret internet servers, with the codename
FoxAcid, to infect the user's computer."

Surely the whole point of Tor is that the requester of
http://www.target_website.com cannot be identified based on the
traffic which leaves the exit node. Since the N_S_A would only know
the IP address of the exit node and the destination
http://www.target_website.com, how can the client be identified even
if the traffic is redirected to the FoxAcid servers?
Tor is preventing the user from being identified by their (true) source
IP address.  In the hypothesis of the article, there's sometimes another
way to identify the user, for example because they've logged into a
(non-TLS) service using a particular username and password, or because
they sent a particular cookie.

The materials that Schneier is reporting on use a very broad notion of a
"selector" -- a way of referring to a particular user or device or
network in order to associate network traffic with them.  One of the
most fundamental selectors on the Internet is someone's source IP
address, which Tor obfuscates.  The Tor Browser also tries not to have
any persistently distinguishable features between one user's traffic
and another's (unlike a normal desktop web browser!), but a user's
particular behavior could still provide ways of identifying them and
distinguishing them from other users.

Yes, and then it may become a partly theoretical / partly real world discussion of (the "real world," mind-blowing part being based on Snowden releases): * It has to be assumed that the major world gov'ts will not sit idly by, while enemies of their states use (any) communication method right under their noses and say, "Oh well, the bad guys are too smart for us."

* to what lengths of time & (our) money are world gov't agencies willing to go to break encryption - of anything? (the U.S. isn't the only one)

* what else have gov'ts developed to identify users thru fingerprinting or methods we haven't dreamed of yet? Remember how blown away everyone was about the Snowden documents. It would be totally wrong to assume that Snowden was able to gather & release *all* methods in use or being developed, to "crack the internet." Likely, for every thing he disclosed, there were *many other earth-shattering ones left undisclosed.*

* In many countries, the gov't doesn't care about proving you're an enemy of the state, beyond a reasonable doubt. That's a whole other conversation. In "kinder, gentler," advanced democracies, gov'ts are now so powerful (as shown by Snowden documents), that if they have good suspicion you're threatening national security or running drug / sex slave operations, they may eventually get you, even if you don't use the internet at all.

They are willing to spend as much of our money as it takes to infiltrate any & every thing, that they perceive to be a real threat or a significant tool of powerful enemies. And up to a point, that may be a good thing. But when has <any> gov't shown wisdom of knowing when some action is going too far?

And while Tor or any great organization or company you choose, has incredibly talented people, the major world gov'ts have 1000's of people *just as talented - working round the clock.* Long term, it's going to be hard to outwit them & completely impossible to outspend them. That doesn't mean people shouldn't try.

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to